LongTail Log Analysis

Assorted Statistics

Analysis does not include today's numbers. Numbers rounded to two decimal places

Created on Thu Dec 13 06:43:39 EST 2018

Normalized data is data that consists of only full days of attacks, AND to servers that are NOT protected by firewalls or other kinds of intrusion protection systems.

Time
Frame
Number
of Days
Total
Webpages Requested
Average
Per Day
Std. Dev. Median Max Min
All Hosts Combined
Time
Frame
Number
of Days
Total
Webpages Requested
Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 12 2,090 174.17 86.01 157.5 390 57
ALL Hosts Last Month 30 6,062 202.07 112.75 179 493 32
ALL Hosts This Year 346 28,577 82.59 91.89 47 493 0
ALL Hosts Since Logging Started 1,060 148,944 140.51 268.55 74 4,447 0
ALL Hosts Normalized Since Logging Started 1,817 54,493 29.99 155.04 8 4,253 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 12N/A 34.00 10.38 31 55 23
ALL Hosts Last Month 30N/A 30.33 8.65 32.5 45 9
ALL Hosts This Year 346N/A 25.66 20.08 37 140 0
ALL Hosts Since Logging Started 1,060N/A 28.55 22.00 31 317 0
ALL Hosts Normalized Since Logging Started 1,060N/A 28.55 22.00 31 317 0
IP Address Overlap With Longtail Ssh Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 12N/A 0.00 0.00 0 0 0
ALL Hosts Last Month 30N/A 0.00 0.00 0 0 0
ALL Hosts This Year 346N/A 0.16 0.39 0 2 0
ALL Hosts Since Logging Started 1,060N/A 0.72 1.55 0 17 0
ALL Hosts Normalized Since Logging Started 1,060N/A 0.72 1.55 0 17 0
-Uniq-Ips Txt Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 12N/A 29.42 10.19 27.5 51 18
ALL Hosts Last Month 30N/A 24.13 8.61 26.5 39 0
ALL Hosts This Year 346N/A 21.25 18.76 3 133 0
ALL Hosts Since Logging Started 1,060N/A 16.03 18.67 24 293 0
ALL Hosts Normalized Since Logging Started 1,060N/A 16.03 18.67 24 293 0
404 Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 12N/A 140.58 86.82 213 361 36
ALL Hosts Last Month 30N/A 173.73 112.30 222.5 459 6
ALL Hosts This Year 346N/A 58.22 84.49 3 459 0
ALL Hosts Since Logging Started 1,031N/A 92.67 253.18 31 4,304 0
ALL Hosts Normalized Since Logging Started 1,031N/A 92.67 253.18 31 4,304 0
Uniq 404 Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 12N/A 123.08 63.79 179 275 36
ALL Hosts Last Month 30N/A 144.77 81.39 172.5 378 5
ALL Hosts This Year 346N/A 46.30 65.11 3 378 0
ALL Hosts Since Logging Started 1,031N/A 36.95 56.55 22 697 0
ALL Hosts Normalized Since Logging Started 1,031N/A 36.95 56.55 22 697 0
Uniq Shellshock Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 12N/A 0.00 0.00 0 0 0
ALL Hosts Last Month 30N/A 0.00 0.00 0 0 0
ALL Hosts This Year 346N/A 0.01 0.08 0 1 0
ALL Hosts Since Logging Started 1,031N/A 1.97 16.14 0 391 0
ALL Hosts Normalized Since Logging Started 1,031N/A 1.97 16.14 0 391 0
Shellshock Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 12N/A 0.00 0.00 0 0 0
ALL Hosts Last Month 30N/A 0.00 0.00 0 0 0
ALL Hosts This Year 346N/A 0.01 0.08 0 1 0
ALL Hosts Since Logging Started 1,060N/A 2.17 16.41 0 391 0
ALL Hosts Normalized Since Logging Started 1,060N/A 2.17 16.41 0 391 0
Uniq Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 12N/A 126.42 64.35 182.5 279 37
ALL Hosts Last Month 30N/A 149.53 82.17 177.5 380 6
ALL Hosts This Year 346N/A 49.94 66.03 207.5 380 0
ALL Hosts Since Logging Started 1,031N/A 42.00 57.87 26 743 0
ALL Hosts Normalized Since Logging Started 1,031N/A 42.00 57.87 26 743 0
Wget Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 12N/A 0.00 0.00 0 0 0
ALL Hosts Last Month 30N/A 0.00 0.00 0 0 0
ALL Hosts This Year 346N/A 0.01 0.08 0 1 0
ALL Hosts Since Logging Started 1,031N/A 1.97 16.14 0 391 0
ALL Hosts Normalized Since Logging Started 1,031N/A 1.97 16.14 0 391 0
 
Hosts protected by BlackRidge Technologies
 
Hosts protected by an Intrusion Protection System
 
Educational Sites
 
Residential Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
shepherd Residential server
Time
Frame
Number
of Days
Total
Webpages Requested
Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 10 664 66.40 109.51 14 370 7
shepherd Last Month 27 2,043 75.67 75.84 61 278 1
shepherd This Year 297 9,921 33.40 52.89 11 370 0
shepherd Since Logging Started 926 31,090 33.57 47.46 11 370 0
shepherd Normalized Since Logging Started 926 31,090 33.57 47.46 11 370 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 10N/A 11.90 3.94 17 18 7
shepherd Last Month 27N/A 10.15 3.94 14 20 1
shepherd This Year 297N/A 8.63 8.42 18 49 0
shepherd Since Logging Started 927N/A 7.28 6.56 2 49 0
shepherd Normalized Since Logging Started 927N/A 7.28 6.56 2 49 0
IP Address Overlap With Longtail Ssh Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 10N/A 0.00 0.00 0 0 0
shepherd Last Month 27N/A 0.00 0.00 0 0 0
shepherd This Year 297N/A 0.06 0.25 0 2 0
shepherd Since Logging Started 927N/A 0.11 0.41 0 4 0
shepherd Normalized Since Logging Started 927N/A 0.11 0.41 0 4 0
-Uniq-Ips Txt Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 10N/A 4.90 5.92 7 17 0
shepherd Last Month 27N/A 5.59 5.09 13 14 0
shepherd This Year 297N/A 5.07 7.98 1 47 0
shepherd Since Logging Started 926N/A 3.83 5.33 2 47 0
shepherd Normalized Since Logging Started 926N/A 3.83 5.33 2 47 0
404 Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 10N/A 54.90 108.80 1 359 0
shepherd Last Month 27N/A 66.44 75.44 141 270 0
shepherd This Year 297N/A 25.04 50.53 119 359 0
shepherd Since Logging Started 918N/A 18.67 35.18 18 359 0
shepherd Normalized Since Logging Started 918N/A 18.67 35.18 18 359 0
Uniq 404 Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 10N/A 43.70 83.12 1 273 0
shepherd Last Month 27N/A 58.37 59.24 141 195 0
shepherd This Year 297N/A 21.98 42.76 102 273 0
shepherd Since Logging Started 918N/A 11.22 28.03 143 273 0
shepherd Normalized Since Logging Started 918N/A 11.22 28.03 143 273 0
Uniq Shellshock Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 10N/A 0.00 0.00 0 0 0
shepherd Last Month 27N/A 0.00 0.00 0 0 0
shepherd This Year 297N/A 0.00 0.00 0 0 0
shepherd Since Logging Started 918N/A 0.38 4.65 0 86 0
shepherd Normalized Since Logging Started 918N/A 0.38 4.65 0 86 0
Shellshock Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 10N/A 0.00 0.00 0 0 0
shepherd Last Month 27N/A 0.00 0.00 0 0 0
shepherd This Year 297N/A 0.00 0.00 0 0 0
shepherd Since Logging Started 926N/A 0.38 4.63 0 86 0
shepherd Normalized Since Logging Started 926N/A 0.38 4.63 0 86 0
Uniq Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 10N/A 45.40 83.40 2 275 1
shepherd Last Month 27N/A 60.15 59.43 197 197 1
shepherd This Year 297N/A 23.75 43.16 2 275 0
shepherd Since Logging Started 918N/A 13.33 28.65 29 275 0
shepherd Normalized Since Logging Started 918N/A 13.33 28.65 29 275 0
Wget Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 10N/A 0.00 0.00 0 0 0
shepherd Last Month 27N/A 0.00 0.00 0 0 0
shepherd This Year 297N/A 0.00 0.00 0 0 0
shepherd Since Logging Started 918N/A 0.38 4.65 0 86 0
shepherd Normalized Since Logging Started 918N/A 0.38 4.65 0 86 0
 
Cloud Provider Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
AWS AWS-Amazon Webservices webserver
Time
Frame
Number
of Days
Total
Webpages Requested
Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 8 0 0.00 0.00 0 0 0
AWS Last Month 26 0 0.00 0.00 0 0 0
AWS This Year 268 0 0.00 0.00 0 0 0
AWS Since Logging Started 891 23,403 26.27 215.98 5 4,253 0
AWS Normalized Since Logging Started 891 23,403 26.27 215.98 5 4,253 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 8N/A 0.00 0.00 0 0 0
AWS Last Month 26N/A 0.00 0.00 0 0 0
AWS This Year 268N/A 0.00 0.00 0 0 0
AWS Since Logging Started 891N/A 6.18 8.62 10 109 0
AWS Normalized Since Logging Started 891N/A 6.18 8.62 10 109 0
IP Address Overlap With Longtail Ssh Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 8N/A 0.00 0.00 0 0 0
AWS Last Month 26N/A 0.00 0.00 0 0 0
AWS This Year 268N/A 0.00 0.00 0 0 0
AWS Since Logging Started 891N/A 0.20 0.55 0 7 0
AWS Normalized Since Logging Started 891N/A 0.20 0.55 0 7 0
-Uniq-Ips Txt Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 8N/A 0.00 0.00 0 0 0
AWS Last Month 26N/A 0.00 0.00 0 0 0
AWS This Year 268N/A 0.00 0.00 0 0 0
AWS Since Logging Started 890N/A 3.38 6.75 0 103 0
AWS Normalized Since Logging Started 890N/A 3.38 6.75 0 103 0
404 Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 8N/A 0.00 0.00 0 0 0
AWS Last Month 26N/A 0.00 0.00 0 0 0
AWS This Year 268N/A 0.00 0.00 0 0 0
AWS Since Logging Started 883N/A 21.76 216.14 1 4,241 0
AWS Normalized Since Logging Started 883N/A 21.76 216.14 1 4,241 0
Uniq 404 Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 8N/A 0.00 0.00 0 0 0
AWS Last Month 26N/A 0.00 0.00 0 0 0
AWS This Year 268N/A 0.00 0.00 0 0 0
AWS Since Logging Started 883N/A 5.75 15.85 1 170 0
AWS Normalized Since Logging Started 883N/A 5.75 15.85 1 170 0
Uniq Shellshock Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 8N/A 0.00 0.00 0 0 0
AWS Last Month 26N/A 0.00 0.00 0 0 0
AWS This Year 268N/A 0.00 0.00 0 0 0
AWS Since Logging Started 883N/A 0.19 3.21 0 84 0
AWS Normalized Since Logging Started 883N/A 0.19 3.21 0 84 0
Shellshock Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 8N/A 0.00 0.00 0 0 0
AWS Last Month 26N/A 0.00 0.00 0 0 0
AWS This Year 268N/A 0.00 0.00 0 0 0
AWS Since Logging Started 891N/A 0.19 3.20 0 84 0
AWS Normalized Since Logging Started 891N/A 0.19 3.20 0 84 0
Uniq Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 8N/A 0.00 0.00 0 0 0
AWS Last Month 26N/A 0.00 0.00 0 0 0
AWS This Year 268N/A 0.00 0.00 0 0 0
AWS Since Logging Started 883N/A 6.87 16.27 10 172 0
AWS Normalized Since Logging Started 883N/A 6.87 16.27 10 172 0
Wget Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 8N/A 0.00 0.00 0 0 0
AWS Last Month 26N/A 0.00 0.00 0 0 0
AWS This Year 268N/A 0.00 0.00 0 0 0
AWS Since Logging Started 883N/A 0.19 3.21 0 84 0
AWS Normalized Since Logging Started 883N/A 0.19 3.21 0 84 0

Total SSH attempts for all hosts may be LARGER than the sum of SSH attempts of each host. This is because each host's attacks are counted before totalling all the SSH attacks, and if attacks are ongoing, then more attacks will have come in between counting for a host and counting all the SSH attacks.


LongTail Copyright 2015 by Eric Wedaa, under GPLV2